comp.lang.ada
From: "Randy Brukardt" <randy@rrsoftware.com>
Subject: Re: Controlled types and exception safety
Date: Wed, 7 Dec 2005 18:50:14 -0600
Message-ID: <Av2dnWucM4bfHwreRVn-gQ@megapath.net>
In-Reply-To: ekrlf.267$Tg2.247@newsread1.news.pas.earthlink.net

"Jeffrey R. Carter" <spam@spam.com> wrote in message
news:ekrlf.267$Tg2.247@newsread1.news.pas.earthlink.net...
> Randy Brukardt wrote:
> >
> > For another explanation of this, see ARM 7.6(17.a-17.h).
> > http://www.adaic.com/standards/95aarm/html/AA-A-5-3.html
>
> Is it meaningful that you reference 7.6 and provide the URL of 5.3?

No, cut-and-paste error.

> > The other issues are solvable, but this one is not.
>
> This still doesn't seem like a problem to me. Suppose R is a discriminated
> record with default:
>
> type R (D : D_Type := D_Type'First) is record
>     ...
> end record;
>
> and we want to write Assign:
>
> procedure Assign (To : in out R; From : in R);

That's not the problem. The problem is with the components of R, if they
also have user-defined assignment.

These user-defined assignments have to compose (otherwise, you'd be breaking
the invariants of the component types - remember, these components are
likely private types, and you might not have any idea how they're
implemented). So, you have to be able to *automatically* do the right thing
for each component. (This, BTW, is why Ada insists that an exception in one
Adjust routine be delayed until all other Adjusts have completed -- we don't
want a failure in one abstraction to destroy another, unrelated one.)

Say you have an assignment for type R as described above, and a function F
returning an object of type R. And you have type S defined as:

type S (D : Boolean := False) is record
    case D is
        when False => null;
        when True => C : R;
    end case;
end record;

O : S; -- D = False here.

O := (D => True, C => F);

Now, how is this assignment performed if we're using the default assignment
here? Since we need to component, we need to call the Assign procedure on
the component C, but what left-hand side to pass as To? There isn't a
component O.C in the left-hand side!

Now, you could try to (a) require this also have a user-defined Assign [but
that's very unfriendly and error-prone] or (b) ban components that have
user-defined assignment from being discriminant dependent [but this would be
a big contract model problem - or, a lot of things that are currently done
in generic bodies could no longer be. For instance, if R was a generic
private type, the above type S would have to be illegal in a generic body -
no matter what the actual type of R is.]

So there is no solution in the framework of Ada. To solve the problem, you'd
have to get rid of discriminants and discriminant-dependent components --
and that's not an option for Ada.

...
> Maybe I'm still missing something. Anyway, I never thought user-defined
> assignment was a real need. Limited types and Assign procedures seem adequate to
> me. What Ada 83 really lacked was finalization. While I'm glad Ada 95 has it, I
> think I'd prefer
>
> for R'Finalize use ...;

Maybe Ada 200Y limited types and Assign procedures would be adequate, but
certainly not the Ada 95 variety. Ada 95 limited types don't allow (1)
aggregates; (2) constants; (3) useful functions; or (4) any sort of complex
initialization. Which means that you can't use many of the techniques that
help reduce bugs in Ada (such as letting the compiler check that all
components have been given in an aggregate). And limited types also block
most optimizations by their very nature. That's useful in some cases, but in
others you'd rather let the compiler eliminate extra temporaries and
Finalizes. (That's allowed for non-limited types, but never for limited
types.)

                           Randy.
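
Added example, not part of the original post: the variant-record assignment discussed in the message, written with Ada's existing Ada.Finalization.Controlled mechanism. Adjust is handed only the already-copied target component, so it needs no pre-existing O.C on the left-hand side. The names Variant_Adjust_Demo, Tracked and Id are assumptions, and the code needs Ada 2005 or later (nested controlled type, overriding indicators).

```ada
--  Added illustration; Variant_Adjust_Demo, Tracked and Id are assumed names.
with Ada.Finalization;
with Ada.Text_IO; use Ada.Text_IO;

procedure Variant_Adjust_Demo is

   package Tracked is
      type R is new Ada.Finalization.Controlled with record
         Id : Natural := 0;
      end record;
      overriding procedure Adjust   (Object : in out R);
      overriding procedure Finalize (Object : in out R);
      function F return R;
   end Tracked;

   package body Tracked is
      procedure Adjust (Object : in out R) is
      begin
         --  Called on the target after the value has been copied into it.
         Put_Line ("Adjust   Id =" & Natural'Image (Object.Id));
      end Adjust;

      procedure Finalize (Object : in out R) is
      begin
         Put_Line ("Finalize Id =" & Natural'Image (Object.Id));
      end Finalize;

      function F return R is
      begin
         return (Ada.Finalization.Controlled with Id => 42);
      end F;
   end Tracked;

   --  Same shape as type S in the message: C exists only when D = True.
   type S (D : Boolean := False) is record
      case D is
         when False => null;
         when True  => C : Tracked.R;
      end case;
   end record;

   O : S;  --  D = False here, so there is no O.C yet.
begin
   --  Whole-record assignment changes the discriminant and brings C into
   --  existence; Adjust then runs on the new O.C and needs no old value.
   O := (D => True, C => Tracked.F);
   Put_Line ("O.C.Id =" & Natural'Image (O.C.Id));
end Variant_Adjust_Demo;
```

How many Adjust and Finalize lines are printed depends on the compiler, since the language permits temporaries to be optimized away for non-limited types.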
